Regenerating security certificates is always a good security policy and should be strictly implemented in every mission-critical production infrastructure.
In the case of Nutanix guest tools, the certificates are scheduled to expire every 3 years.
After the certificates are expired, you will notice the NGT link to be false and an alert to be generated saying Guest Service is not reachable.
So how do we regenerate the certificates in NGT?
- First, we get the VM id of the affected NGT VM using the command
ncli ngt list
- We delete the VM entity from the ngt cli and recreate using VM id
- Go to VM and restart the Guest Agent Service
Go through the following KB to get the detailed information regarding the procedure and the commands involved.